Unix and Linux Stack Exchange
Unix and Linux Stack Exchange

Questions tagged [ssh-keygen]

88 questions
105
votes
3 answers

What's the purpose of the randomart image for user (not host) SSH keys?

The ssh-keygen generates the following output: The key fingerprint is: dd:e7:25:b3:e2:5b:d9:f0:25:28:9d:50:a2:c9:44:97 user@machine The key's randomart image is: +--[ RSA 2048]----+ | .o o.. | | o +Eo | | + . | | …
syntagma
  • 12,091
  • 21
  • 57
  • 74
43
votes
1 answer

Why do portions of SSH public (and private) keys overlap?

Specifically, why are the first 25 characters of ssh Ed25519 public keys always the same? For example, if I make 5 keys with ssh-keygen -o -a 100 -t ed25519, the first 25 characters are always AAAAC3NzaC1lZDI1NTE5AAAAI. I assume this is a preamble…
Morris Cornell-Morgan
  • 553
  • 4
  • 7
33
votes
2 answers

Convert OpenSSH private key into SSH2 private key

Is there a way to convert existing pair of OpenSSH keys to the SSH2 (ssh.com format) pair of keys? UPD: since there are some answers about ssh-keygen suddenly appeared, I'll explain where I came from (also it will be a nice answer on "what have you…
ДМИТРИЙ МАЛИКОВ
  • 6,919
  • 5
  • 33
  • 32
29
votes
3 answers

How to decrypt hostnames of a crypted .ssh/known_hosts with a list of the hostnames?

I try to find a script to decrypt (unhash) the ssh hostnames in the known_hosts file by passing a list of the hostnamses. So, to do exactly the reverse of: ssh-keygen -H -f known_hosts Or also, to do the same as this if the ssh config…
Xorax
  • 515
  • 1
  • 5
  • 9
14
votes
3 answers

sign_and_send_pubkey: signing failed for RSA key; from agent: agent refused operation

I have a new machine running debian sid on which I generated a new ssh key-pair. I wanted to find a convenient way to copy this new key-pair to various other machines using my old Ubuntu machine and its key-pair. I have disabled password logins for…
firedrillsergeant
  • 382
  • 2
  • 5
  • 12
14
votes
2 answers

Add key to authorized_users without needing to restart sshd

I am trying to add a public key to a server but I don't want to restart the sshd service for it to take effect. The reason is that restarting the ssh service seems to be disruptive for other users who could use the ssh service at that time. Most…
user1952500
  • 293
  • 1
  • 3
  • 7
14
votes
1 answer

Check presence of a hostname under custom port in known_hosts

I need to add a check if the hostname is already present in the known_hosts file. Normally I would do something like that: ssh-keygen -H -F hostname However, that does not seem to work for me in this particular case. I connect to the host using…
deimos
  • 673
  • 5
  • 14
14
votes
1 answer

Can I build a Docker container from Dockerfile in an interactive way with allocation of some pseudo TTY?

I build container from below Dockerfile: FROM ubuntu:14.04 ... RUN apt-get update && apt-get install -y vim #RUN ssh-keygen -f /root/.ssh/id_rsa -N strongpass123$%^ RUN ssh-keygen -f /root/.ssh/id_rsa ... I do it quite rarely, but there is many…
koralgooll
  • 305
  • 2
  • 5
13
votes
2 answers

How to compare different SSH fingerprint (public key hash) formats?

When I log in to an SSH server/host I get asked whether the hash of its public key is correct, like this: # ssh 1.2.3.4 The authenticity of host '[1.2.3.4]:22 ([[1.2.3.4]:22)' can't be established. RSA key fingerprint is…
Ned64
  • 8,486
  • 9
  • 48
  • 86
7
votes
2 answers

Is there a way to list what types of key ssh-keygen supports?

The man page for ssh-keygen on my system (Fedora 35) says that the following types of keys are supported: -t dsa | ecdsa | ecdsa-sk | ed25519 | ed25519-sk | rsa Specifies the type of key to create. The possible values are “dsa”,…
hugomg
  • 5,543
  • 4
  • 35
  • 53
6
votes
2 answers

how to append public keys to remote host instead of copy it

I used in my bash script the follwing cli , in order to send the public key to remote machine sshpass -p $pass scp /root/.ssh/authorized_keys root@$remote_host:~/.ssh/authorized_keys but since we want to append the public keyes from other host…
user436442
6
votes
2 answers

pem file difference - ssh-keygen vs openssl

I generated my public/private key pair using ssh-keygen -t rsa -b 2048 -v and then needed a .pem file and followed this https://serverfault.com/questions/706336/how-to-get-a-pem-file-from-ssh-key-pair ssh-keygen -f id_rsa -e -m pem -----BEGIN…
emeraldjava
  • 163
  • 1
  • 5
6
votes
2 answers

Converting SSH2 RSA Private Key to .pem using openssl

When i try to convert SSH2 RSA format based private key to .pem format, using openssl i am getting the below error. [jbadmin@xxxxxxx .ssh2]$ openssl req -x509 -key /home/jbadmin/.ssh2/id_rsa_2048_a -nodes -days 365 -newkey rsa:2048 -out…
Uppicharla
  • 171
  • 1
  • 1
  • 5
5
votes
1 answer

How to verify fingerprint of Dropbear RSA host key?

When I connect to my Dropbear SSH server for the first time, I get the following message: me@laptop:~$ ssh me@server The authenticity of host 'server' can't be established. RSA key fingerprint is…
finefoot
  • 2,940
  • 2
  • 21
  • 41
5
votes
1 answer

What does `ssh-keygen -r` do if a public key is not specified?

Short Question I'm assuming that ssh-keygen -r hostname uses a default public key. I would have thought that it would default to ~/.ssh/id_rsa.pub, but that does not appear to be the case. So what is it doing? Long Version My experience with the…
igal
  • 9,666
  • 1
  • 42
  • 58
1
2 3 4 5 6